Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System... High Unreviewed
CVE-2021-37724 was published May 24, 2022
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution ... High Unreviewed
CVE-2021-35220 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and... High Unreviewed
CVE-2021-37722 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System... High Unreviewed
CVE-2021-37723 was published May 24, 2022
A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated... Critical Unreviewed
CVE-2021-31838 was published May 24, 2022
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy... High Unreviewed
CVE-2021-1580 was published May 24, 2022
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php. Critical Unreviewed
CVE-2022-37053 was published Aug 29, 2022
This affects all versions of package npm-help. The injection point is located in line 13 in index... Critical Unreviewed
CVE-2020-28445 was published Jul 26, 2022
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device... Critical Unreviewed
CVE-2021-38611 was published May 24, 2022
DIR845L A1 v1.00-v1.03 is vulnerable to command injection via /htdocs/upnpinc/gena.php. Critical Unreviewed
CVE-2022-36756 was published Aug 29, 2022
An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router via the HTTP... Critical Unreviewed
CVE-2021-39510 was published May 24, 2022
An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 750m11ac wireless... Critical Unreviewed
CVE-2021-39509 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special... Moderate Unreviewed
CVE-2021-21595 was published May 24, 2022
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command... High Unreviewed
CVE-2021-3617 was published May 24, 2022
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS... Moderate Unreviewed
CVE-2020-15955 was published May 24, 2022
An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute... Critical Unreviewed
CVE-2020-18758 was published May 24, 2022
An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle... High Unreviewed
CVE-2020-29548 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38530 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38528 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38518 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38527 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38529 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38520 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38521 was published May 24, 2022
curljs Command Injection vulnerability Critical
CVE-2020-28425 was published for curljs (npm) Aug 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database